CVE-2017-16525 (retired)

The usb_serial_console_disconnect function in drivers/usb/serial/console.cin the Linux kernel before 4.13.8 allows local users to cause a denial ofservice (use-after-free and system crash) or possibly have unspecifiedother impact via a crafted USB device, related to disconnection and failedsetup.

Ubuntu-Description

Andrey Konovalov discovered a use-after-free vulnerability in the USBserial console driver in the Linux kernel. A physically proximate attackercould use this to cause a denial of service (system crash) or possiblyexecute arbitrary code.